package com.guaoran.commons.swagger.ui.config;

import com.guaoran.commons.swagger.ui.IWebSecurityConfigurer;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.AnnotationAwareOrderComparator;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

import javax.annotation.PostConstruct;
import java.util.List;

/**
 * @author : 孤傲然
 * @description :
 *  <p>因为 WebSecurityConfigurerAdapter 的优先级为100，且 security 是按照高优先级为主来实现的。</p>
 *  <p>现在改成低优先级会覆盖高优先级 </p>
 *  <p>这样可以保证在引用该starter的工程中，如果也引用了`spring-boot-starter-security` 依赖，则以引用该stater的工程为准</p>
 * @date :2020/8/5 12:54
 */
@Order(99)
@Configuration
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
    @Autowired
    private List<IWebSecurityConfigurer> webSecurityConfigurers;

    @PostConstruct
    public void init(){
        AnnotationAwareOrderComparator.sort(webSecurityConfigurers);
    }

    @Override
    public void configure(WebSecurity web) throws Exception {
        for (IWebSecurityConfigurer webSecurityConfigurer : webSecurityConfigurers) {
            webSecurityConfigurer.configure(web);
        }
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        for (IWebSecurityConfigurer webSecurityConfigurer : webSecurityConfigurers) {
            webSecurityConfigurer.configure(http);
        }
    }
}
